Using different groups of volunteers, OWASP produces documents and develops analyzing tools like the HTTP proxy Scarab.

The videos are of various talks held end of September at the conference in New York and presentation sheets of some of the talks are available for download.

Among the topics discussed were Apache's security module Modsecurity and Parameter Injection (FPI) and Spearfishing attack techniques. Prof. Li Chiou Chen and his colleague Chienting Lin explained how they use open-source software to teach students about web application security. On November 25. OWASP is hosting a one-day conference in Frankfurt, Germany, and are also represented at the 2008 IT Systems exhibition in Munich these days.

At the OWASP AppSec Poland 2009 web security conference two Italian security experts presented a new kind of web application attack threat. The presentation slides for the method called HTTP Parameter Pollution (HPP) are now available online.